Menu 1

Tag Archives: Backup

Understand your Backup Technology – Agent vs Agentless Backup

To be Virtual or not to be Virtual?

The evolution of technology from standalone physical servers to shared resource virtualization, creating resource elasticity and so have other technologies evolved to join the virtualization revolution. Many companies have completed a 100% migration to virtual, some are still in this process.

One key technology that has had to keep up is backup and disaster recovery, simply because whether your files server was physical then and virtual now it is the same data and of the same importance to the business, A lot of companies have had to change backup vendors or purchase a different package or even add-on to facilitate the move possibly even keep certain older licensing behind for legacy system that have not yet been virtualized.

Arcserve has been very flexible in this aspect regarding the migration to virtual, physical server licenses where just carried over to physical hypervisor hosts and restore features such as virtual standby, Instant VM restore and full system high availability allowed for the migration & conversion process to be automated with ZERO data loss and in some cases zero downtime. This has added ease to the migration and sped up the virtual revolution globally.

After the Migration (To Be Virtual)

Backup technologies can offer an additional method of backup, a method that would not install into or alter the production environment any way leaving it hands free, this is the agentless method. The agentless method allows for backup software to speak to the hypervisor vendor API and request actions to be performed on the virtual machines. In the case of backup it would look like below steps on a high level.

Find available servers for backup

Create a temporary snapshot on target virtual disks

Extract backup data from target virtual disks

Transfer backup data to destination

Delete temporary snapshot

This allows for quicker deployments and more efficient backups, however there are concerns.

First concern taking a temporary snapshot of a virtual disk without knowing what I/O operations are completing within the virtual disk at that point in time could result in capturing a partial operations resulting in inconsistency of application data when it comes time to restore. Further API integration such as the use of VIX library for VMware and host integration tools for Hyper V allows for backup software to access guest operating system files and services within the Virtual Target Disks. This creates application aware backups on the agentless process.

A second concern that creating snapshots and holding snapshots can increase used space on the production shared volumes & add a degrade of I/O performance to target virtual machine disk during online agentless backups. When the snapshot is created it the base virtual disk is in a frozen state and a secondary disk (The Snapshot) holds differential data of the base disk, this then bloats the size of the target VM storage usage on shared storage volumes , vendor KBs suggest 10 – 20 % storage increase on high transactional virtual machines while snapshot is present. If you are processing all virtual machines on a single shared storage concurrently you need to make sure that you have at least 10-20% free for storage to burst during backup.

The reason for the added I/O overhead during snapshot usage is that read access to guest OS files would need to read original base files and all differencing data since snapshot creation, the larger the snapshot the more data we can assume is needed to be read.

A third concern is that software snapshots don’t support certain devices so not all disk devices attached to a virtual machine will be captured for examples are, passing through physical disk devices from hypervisor host to the virtual machine, IscsI Mounts, RDM Raw Device mapping of LUN from a storage array and more… What happens in these cases is that a virtual machine has OS disk provisioned as a virtual disk but secondary storage device is directly to a physical array volume. An easy example here would be an application that has redundancy though multiple nodes however share the same data eg. SQL Cluster with shared storage for database.

In cases like these where Agentless is not a fit you need to revert to the traditional backup through an Agent.

Agent Based Backup

Agent based backup is the process of installing a software package from the vendor in the target system, this will communicate with the backup server and utilise target services and resources to perform and capture backup such as shadow copy service and VSS writers like SQL or Exchange writers for application backup. This using the target system resource to create the backup rather than impacting shared resources as on agentless cross shared virtual infrastructure. This can be a lengthier backup windows compared to agentless approach.

A lot of systems are left physical and for good reason. Servers that require physical monitoring or licensing via dongle USB key, systems or application servers that licensing is not compatible with virtual hardware, systems that the virtual infrastructure is dependent on, in cases domain controllers or networking systems.

These systems will still utilise agents for data protection rather than agentless in the fear of virtualising and creating in necessary downtime.

The Migration Magic Wand

With Arcserve, both agentless backups and agent based backups can be sent to the same backup server and data is compared and deduplicated cross technologies, further compressed and stored that is true global deduplication!

As mentioned earlier in the article, Arcserve has changed the virtualization landscape by offering a solution that followed its licensing during migration and facilitated the migration to virtualization.

The question whether or not to virtualise a specific system or application is a hard one and requires planning, testing, more testing and hopefully execution at some point. If we introduce Arcserve into this scenario because of Arcserve being hardware agnostic and hypervisor agnostic we can safely backup a physical system or application online, spin up an Instant VM of the physical server backed up onto the hypervisor of choice and test functionality and impact without down time and without hours or days of preparation once confirmed happy, system is functional we can run another backup repeat or avoid data loss through a Arcserve high availability agent . This would create a virtual instance on request with continuous replication to avoid any data loss.

A few days pass and we realise we have overlooked a specific detail and the system is not performing to business standard as virtualised. It can’t be fixed and we need to return to physical. We simply back up VM agentless or with an agent and run a bare metal recovery to the original hardware or newer. Even simpler, we can create a Arcserve HA BMR to allow us to fail back as a high availability process to the physical servers again.

The Conclusion

Whether you want to virtualize or have virtualized or won’t virtualise, that is 100% your choice but choose a backup and disaster recovery vendor that can transition through those phases without having to repurchase and avoid multiple vendors to complete a single task or single solution.

I end with a Quote

One reason people resist change is because they focus on what they have to give up, instead of what they have to gain. – Rick Godwin

Not a day passes without another article about an organization being held hostage with an encryption-based ransom, or ransomware. I am sure the irony of it is not lost on many IT folks: the same tool that is supposed to help secure your data is now used against you in a criminal endeavor. Adding insult to injury, there’s no real way out and you’d better have a Bitcoin account ready to pay up.

Here’s the good news: while it’s not perfect, you already have a great solution in place in your environment to help you out; good old backup. Yes, the unsexy backup function is becoming quite attractive. However, there are some ‘gotchas’ and best practices one must adhere to. Remember, your backup server is a target too.

Many customers have used our solution, Arcserve UDP, to successfully recover affected systems and save their businesses from succumbing to encryption extortionists.. With Arcserve UDP, you can recover a system from scratch and minimize your data loss. Of course, you’d have to get rid of the infected systems and stop the virus from spreading first. However with regular backups, you can significantly reduce the amount of exposure and have the confidence you can recreate a “clean” system. After all, this is a “logical” incident. You would do the same thing if somehow you had corrupted a system and its data; the big difference is the source of the problem.

After discussions with our technical experts, we’ve developed best practices to help you stay out of the ransomware headlines, and keep your business running as usual.

Protect the Source Machine

Take precautions to prevent infection in the first place, such as training users to not click on links within emails, downloading attachments from unknown sources and updating software on a timely basis.

Perform regular backups, which may include rethinking your service level agreements to ensure critical business data is backed up more frequently.

Follow the 3-2-1 strategy for backup: one of the copies should be offline, andat least one of the copies should be offsite.

Make sure your chosen backup solution includes virtual standby for critical systems so that you can get back on your feet very quickly.

Protect the Protector (The Backup Data)

If your backup server gets infected or if your backup data is on a shared network share that is accessible from an infected machine, ransomware can encrypt backup data as well. It sounds obvious, but it’s important to remember!

There is no magic bullet or perfect answer, but it’s important to remember that with an advanced backup solution (such as Arcserve UDP), you have a great tool to help in your fight against ransomware. It starts by educating end users and applying best practices to protect your environment.

In this second and final post comparing Arcserve UDP and Company Vm, we will focus on some very important differences in our respective backup and recovery technology. Let’s first remember that Company Vm focuses only on data protection for virtual environments, and by definition, creates serious gaps in their ability to support hybrid environments.

Support for physical systems is a built-in capability with Arcserve UDP. While many production environments may be highly virtualized, not everyone is 100% virtualized yet, nor do industry analysts seem to believe it will ever be the case. This underscores a very real need to offer support that protects physical systems in addition to virtual servers, or customers have no choice but to run multiple solutions, which is counter-productive and doesn’t deliver coherent restores across the environment. Arcserve UDP supports both physical and virtual sources, and rrestores to physical and virtual destinations.

In terms of flexible recovery options, Bare Metal Recovery (BMR) is a “must-have” in a data protection solution, and allows you to quickly recover when a complete system fails. Customers often resort to “adding on” other BMR products when their “virtual system only” product does not offer this capability. With Arcserve UDP, customers get instant BMR to support local and remote bare metal recovery of Linux physical machines. Instant BMR provides better restore capability and an improved end-user experience by enabling instant access to a target machine prior to the entire recovery process being finished. This feature empowers users to instantly regain access into a failed physical Linux node, and is a first of its kind.

Let’s talk about tape. Tape is not a primary backup medium anymore as most end-users today have adopted disk to disk strategies (i.e. backing up to disk vs. tape). However, there are still many reasons to use tape as a secondary backup medium for long term retention or archival requirements. Company Vm’s V9 technology introduced “advanced” tape support, including parallel processing, concurrent copy sessions and GFS Rotation schemes (Grand Father, Father, Son). However, you can’t “improvise” tape support; it takes years to master it – and Company Vm’s support is very basic. In contrast, Arcserve UDP offers actual advanced tape features, such as: multiplexing (2-32 jobs), multi-streaming, device group and media pool, GFS rotation and synthetic backup, append media, media maximization, media pool manager, tape library option and auto library detection and configuration, bar code support, auto inventory, auto eject media, monitor blank media quantity, tape management and tape vaulting, auto tape cleaning and configurable block size for tape. We could go on, but hopefully you see the stark differences in our tape support.

As far as remote office protection, it’s important to protect business data no matter where your employees are located, and to protect those data nodes in an efficient fashion. Company Vm’s solution requires a separately installed WAN Optimization service (and that’s for their Enterprise edition only). In comparison, Arcserve UDP’s Recovery Point Replication is included in all the versions of our solution, and our Gateway feature provides fast WAN Transfer that makes it highly efficient.

There are also differences in how Arcserve approaches cloud backup and replication, compared to Company Vm. Cloud backup and replication allows for the backup product console to connect to a cloud-based service provider. This lets you replicate VM copies or backup points offsite into the cloud as a disaster recovery solution.

With Arcserve, the target Hypervisor is cross-compatible, and the source and target Hypervisor can differ in this instance. Also, Arcserve supports this on physical servers at the source which allows for physical to virtual (P2V) to the service provider. With company Vm, one of the limitations is if you’re replicating from Hyper-V, your service provider must provide Hyper-V. Not very flexible, is it?

Finally, in contrast to Company Vm’s software and cloud partnership only, Arcserve UDP is available as a software solution but also as an appliance, in addition to the Arcserve Cloud.

13.7 billion years BC – The universe begins as a singularity; those who believe in the “big bang” theory suggest the disaster is on-going…

3.8 billion years BC – The start of life on Earth. The first cell is thought to have arisen from self-replicating RNA what developed later into DNA. DNA is a store of biological data, the genetic information that allows all modern living things to function, grow and reproduce. Put another way, you are the backup of your parents. Say hi to the therapist for me.

65 million years BC – Dinosaurs, not backed up.

13.7 billion years BC – The universe begins as a singularity; those who believe in the “big bang” theory suggest the disaster is on-going…

3.8 billion years BC – The start of life on Earth. The first cell is thought to have arisen from self-replicating RNA what developed later into DNA. DNA is a store of biological data, the genetic information that allows all modern living things to function, grow and reproduce. Put another way, you are the backup of your parents. Say hi to the therapist for me.

65 million years BC – Dinosaurs, not backed up.

48 BC – The burning of the Library of Alexandria. Among others in your “Top 10 Lost Books of All Time,” the second book of Aristotle’s Poetics went up in smoke and humanity was beginning to realize the fatal flaw in their cunning backup plan; paper is actually quite flammable.

1347 AD – The first known insurance contract is signed in Genoa, Italy. This was great for those buying and selling goods and owning property but information is difficult to value, most people would rather have their data back than receive compensation for its loss.

1436 AD – Johannes Gutenberg, a former goldsmith, created the first printing press in Germany. He used his knowledge of metalwork to fashion letters out of an alloy, pressing these against ink and then paper to create a copy. This made the printing of multiple copies considerably faster, a great step forward in data resilience.

1539 AD – Image based backup, born. Henry VIII, King of England was trying to decide who to marry next, he sent the artist Hans Holbein to make a reliable copy of what his list of European princesses looked like. Based on these images, Henry made his choice and proposed engagement to Anne of Cleeves only to discover she looked nothing like he expected. Corrupt data/bad copy.

48 BC – The burning of the Library of Alexandria. Among others in your “Top 10 Lost Books of All Time,” the second book of Aristotle’s Poetics went up in smoke and humanity was beginning to realize the fatal flaw in their cunning backup plan; paper is actually quite flammable.

1347 AD – The first known insurance contract is signed in Genoa, Italy. This was great for those buying and selling goods and owning property but information is difficult to value, most people would rather have their data back than receive compensation for its loss.

1436 AD – Johannes Gutenberg, a former goldsmith, created the first printing press in Germany. He used his knowledge of metalwork to fashion letters out of an alloy, pressing these against ink and then paper to create a copy. This made the printing of multiple copies considerably faster, a great step forward in data resilience.

1539 AD – Image based backup, born. Henry VIII, King of England was trying to decide who to marry next, he sent the artist Hans Holbein to make a reliable copy of what his list of European princesses looked like. Based on these images, Henry made his choice and proposed engagement to Anne of Cleeves only to discover she looked nothing like he expected. Corrupt data/bad copy.

1964 AD – Mass market computing begins, the Programma 101 was unveiled to the public at the New York World’s fair. One of these computers was used on Apollo 11 and it was pretty much… a calculator. “One small step…” (at a time!)

1972 AD – Mainframe computers deliver applications and data at high speed to hundreds of users, in-built hardware redundancy ensures exceptional RPOs and RTOs. The ancient Sumerians would have just lovedthis.

1990 AD – Arcserve 1.0 released by Cheyenne software. The age of distributed computing is in full swing and it is all about backing up to these little rectangular things called “tapes.”

1998 AD – VMware founded in Palo Alto, California. Although the concept of a hypervisor originated from 1960s, it was VMware who introduced hardware virtualization to the mass market. Virtualization will go on to revolutionize backup and disaster recovery.

2006 AD – XOsoft’s WANsync technology is integrated into Arcserve. For the first time mid-market users can perform both backup and full system failover from one solution.

2008 AD – Microsoft releases their competing product to VMware, they call it Hyper V. If you weren’t virtualized before, you are now. Specific software for virtual backup exists but there is little integration with physical servers, tape backups or cross platform Microsoft/Linux.

2006 AD – XOsoft’s WANsync technology is integrated into Arcserve. For the first time mid-market users can perform both backup and full system failover from one solution.

2008 AD – Microsoft releases their competing product to VMware, they call it Hyper V. If you weren’t virtualized before, you are now. Specific software for virtual backup exists but there is little integration with physical servers, tape backups or cross platform Microsoft/Linux.

This was, however, only compatible with Domino on Windows guest. I have since collaborated with Daniel Nashed from Nash!Comin Germany to come up with a creative solution to run an Arcserve Hypervisor snapshot of Domino Virtual Machine running on a Unix/Linux Guest.

Interested? Read on…

Daniel Nashed developed a script for Unix/Linux that would stop domino server. Utilising this script will allow Arcserve to take a DB consistent snapshot through the preferred Hypervisor. The script Bundle is available here. (Please note: the use of blogged scripts are at one’s own risk and should be tested with sandbox or lab copy of your production VMs). There is certain risk in shutting down Domino Server services at every backup, however, a shutdown is the only real solution for ensuring consistency of all databases during backup Snapshot pass.

Using virtualized Lotus Domino as a corporate messaging system on a Unix/Linux guest, the database’s consistency is guaranteed during backup by running custom script Rc_domino_script.

Once you have downloaded the script bundle from Nash!Com the bundle should look like this:

To start, the VM guest requires the relevant Hypervisor tools to be installed e.g. VMware tools or Host Integration tools. This will allow Arcserve to pass commands through the Hypervisor to the VM guest and initiate the script pre-snapshot and post-snapshot.

Next, the above files need to be copied to their relevant locations:

Rc_domino_script is the main script logic. It needs to be copied to the Unix/Linux guest location: /opt/ibm/domio

Rc_domino is the main entry point file for the service. It needs to be copied to the Unix/Linux guest location: /etc/init.d

Rc_domino_config_notes is the configuration file used. It needs to be copied to the Unix/Linux guest location: /etc/sysconfig

These three files all reference one another and are required for pre/post-snapshot.
If you are required to make changes, such as a different username for Domino, you will need to make changes to the config. file and modify the settings in the Rc_domino script. For more detail, refer to Read me or NashCom.

Once the script has been copied, we can now create an agentless plan in Arcserve UDP under plan > setting. In the Advanced tab, add the following commands to reference scripts:

/etc/init.d/rd_domino stop

snapshot

/etc/init.d/rd_domino start

With the above, we are able to successfully snapshot Domino DB on Unix/Linux without an agent and provide application consistency.

2016 is off to an exciting start with Veeam and Arcserve releasing their latest versions. Veeam releaded the V9 Availability Suite and Arcserve released UDP6 (codenamed “Tungsten”).

Side note: Veeam coined the Phrase “RTPO” which is essentially means “RTO and RPO”. Personally, I disagree with this term as I think that the two terms are completely independent from one another: “Restore Time” and “Restore Point”. This is just my opinion.

Both are excellent products. I have had some time to test both capabilities and have done some research on their features. Below, I have a comparison based on the new features of Veeam V9 vs Arcserve UDP V6 and how each one delivers its’ functionality.

Instant VM Restore

An instant VM restore, or IVM, is about mounting your latest backup point to your Hypervisor host as a temporary data store point and registering that VM into the virtual infrastructure for immediate accessibility. It is no longer necessary to wait for your restore to copy points from backup disk into production – with IVM your RTO is seconds to minutes.

Veeam has had this functionality in previous versions, but has added some development: vPower Cache. This feature allows for recently accessed backup files to be cached and this will assist in speeding up instant VM restores, unlike Arcserve’s IVM.

UDP6 has just developed this feature in the new release V6. UDP 6 does have vPower functionality and can support instant VM restore cross-hypervisor, can instantly restore a VMware VM onto Hyper-V. In addition, UDP 6 also protects physical machines and allows for instant VM recovery of a physical node “P2V IVM”. This is very powerful stuff, unlike Veeam’s IVM.

Replica VM – Virtual Standby (For Disaster Recovery)

Replica VM or Virtual Standby “VSB” is a pre-exported conversion of your latest backup point into a virtual machine ready to power up in the event that production VM is lost. This is not a new feature for Veeam or Arcserve, but I would like to compare the two in any case.

Veeam has replica VM functionality , which is easy to use. You can create a replica VM off of the latest backup point or live snapshot process on your production VM. Both Veeam and Arcserve have networking and configuration functionality on these tasks. I would like to mention Veeam’s DR failover plan here. Where the plan is created with a boot sequence of multiple VMs, this failover plan allows you to commit to replica VMs or fail back to production VM.

UDP6 has what is called “Virtual Standby” that very easy to use. You can have a backup plan create virtual instances of the latest backup point. UDP6 VSB supports virtual standby cross-hypervisors and “P2V” (physical to virtual). This would mean you can have a VSB of your Vmware VM on hyper V or vica versa. This also means that you can have a VSB of a physical node onto your hypervisor. In addition, once failed over to VSB from the physical node you are able to restore back to the physical node directly off of the virtual standby to incorporate the latest changes written to the VSB.

Instant Bare Metal Recovery “BMR”for Linux

For Linux physical machines, Arcserve UDP introduces Instant Bare Metal Restore (BMR) to support local and remote bare metal recovery of Linux physical machines. Instant BMR provides better restore capability and an improved end user experience by providing users with instant access to a target machine prior to the entire recovery process being finished. This is done without physical interaction with the Linux nodes across the network though PXE boot solution.

Veeam does not currently support this and has limited support for physical server environments, as it was originally designed for Virtual solutions.

UDP6 provides for exactly what has been described above. Arcserve can instantly regain access into a failed physical Linux node with instant BMR. This is a first of its’ kind and a very powerful feature.

Granular Restore Tools “GRT”

GRT are interfaces that the backup vendor develops to facilitate for granular level restore back into applications. Example: an exchange GRT, allowing single mail items to be restored from a DB backup back into a mailbox into the live exchange DB. Most backup products support file level GRT as this is supported by Windows Explorer.

Veeam refers to a GRT as a “Veeam Explorer” and has in their new release V9 an Oracle Explorer and Veeam has granular VM recovery in Veeam Explorers for Microsoft Active Directory, Exchange, SharePoint and SQL Server.

UDP6 refers to this as “GRT” and has integrated this into the console restore capabilities, rather than having to install a separate feature application. Arcserve must be commended on its exchange GRT as this is very granular, allowing restores of mail down to calendar and tasks back into a mailbox. However, Arcserve currently supports Microsoft Active Directory, Exchange and Linux file/folder on GRT. Granular restores are still possible for Oracle, SharePoint and SQL but rather through its’ own interface.

Corruption Guard or Recovery Point Check

This feature tests the data integrity of the files systems in the backup points to ensure no corruption on backup points and no loss to data or unusable restore points.

This is a new feature for Veeam called “Corruption Guard”. This runs a process similar to check disk CHKDSK that tests and repairs file system data integrity issues on your backup restore points.

This is not a new feature to Arcserve. The feature is called “RPC” or Recovery Point Check. Arcserve will mount the restore point and actively run a CHKDSK on the files system and repair any corruption.

Backup Data Reduction

This is somewhat a large topic as it covers a variety of features. Data reduction on backup mainly consists of compression and global deduplication in most cases. Deduplication is the comparison to data across a deduplication domain only holding one instance of unique data, thus cancelling out redundant data being held on backup. Compression will compact files during backup to shrink the backup size to as small as possible.

Veeam has added a few features and further development on their de-duplication feature.The largest setback on Veeam’s global deduplication is that it’s not so global. The deduplication domain is across a single job – only servers within a plan will be de-duped against one another. There has been added development where multiple VMs within a job can be de-duplicated in parallel across both live backup streams. In addition, they have focused on third party storage vendors’ deduplication (such as HP and Netapp) to assist in reducing their backup footprint to storage.

Another feature, defragmentation and compact, will assist on further reducing the backup foot print over longer retention periods. This will access backup points and remove deleted data or VMs without requiring you to create a new active full.

Scale-out backup repositories (SoBR) and bitlooker are further additions to the V9 release.

Bitlooker allows you to exclude files and folders from your backup (e.g. exclude c:\temp). Further to that, it will allow you to exclude blocks that are marked as deleted. When a file is deleted in Windows, the space isn’t actually wiped clean – Windows just removes that file from the master file table, effectively forgetting about it and allowing future data to occupy the space. Unfortunately, because the data is still occupying space, it is getting backed up. BitLooker recognizes this fact and skips over these files.

The scale-out backup repository allows you to create a backup storage pool using multiple physical storage appliances, thus creating a federated storage repository. This increases write performance, as backups are written in multiple streams to multiple devices and this will also reduce storage cost (because you can repurpose storage devices).

UDP6 has true source side global de-duplication. The deduplication domain is at the backup server (RPS) storage level. Similar to Veeam, storage is presented through Windows or IscsI to Arcserve, but all backups to Arcserve storage repository are de-duplicated against each other, allowing for multiple plans/jobs/policies. This runs at 32k, 16k, 8k or 4k block size levels with a forever incremental strategy utilising CBT change block tracking. This means that only changed data blocks from the source are included into the backup pass. Furthermore, these blocks are compared to the backup storage repository to confirm they are indeed unique, thus massively reducing the storage requirement for backup on arcserve UDP. Both physical and virtual will be included in the same de-duplication domain. UDP6 has included physical Linux nodes into this single de-duplication domain. Impressive lab results have shown that protecting half a Petabyte of storage has left a storage footprint of 13.5TB on backup disk. Whilst the storage features Veeam V9 has developed are beneficial, these seem to be in place to assist their struggling de-duplication protocol or algorithm. Arcserve seems to have hit the nail on the head when it comes to data reduction, leaving backup simple yet efficient.

Stand Alone Console

The console would be the management interface for the backup application where reports and logs, jobs, schedules etc. can be configured.

Veeam has released a standalone console in V9 that allows you to install an application on your workstation that will connect to your Veeam backup servers on the network instead of multiple RDP sessions to your backup servers. The Veeam console is an installed application and so is the standalone server. Performance here is impacted by server or workstation CPU and memory utilization.

This has always been a feature for Arcserve (UDP stands for “Unified Data Protection”). Arcserve offers a unified console that is web based and backed by Tomcat. This has a tiny footprint when it comes to compute overhead and is browseable via Http or Https on any workstation or mobile device on your network.

ROBO Support

ROBO (Remote Office, Branch Office) support allows for your main backup infrastructure to communicate and maintain processes or jobs on your remote sites. This should allow for features such as remote backup/restore capabilities and reporting on multiple sites from a central location.

Veeam previously had issues relaying commands from Veeam B&R console to backup proxies across the WAN sites or VPN tunnels. In V9, Veeam has released Guest Interaction Proxy which allows for a secure SSL connection between sites and proxies back to B&R console. This allows for remote restore across WAN sites and mounting backup points locally. This was a much needed feature for Veeam service providers.

UDP had a similar issue when it came to ROBO solutions where this had to be done through VPN connection. Even so, this worked and was functional to each remote site. In UDP6, the Remote Management Gateway feature allows for secure SSL connections across WAN links to ROBO sites. It allows for all management out of a single console and the ability to configure and push agents from one console for all sites. This compliments the existing unified console.

Cloud Connect (Cloud Backup & Replication)

Cloud backup and replication allows for the backup product console to connect to a service provider service such as storage or compute resource. This will allow the customer to replicate VM copies or backup points offsite into the cloud and pose as a DR (Disaster Recovery) solution.

Veeam has added development to their cloud connect feature. Previously, this only allowed for copying backup points to a cloud target, but Veeam V9 brings the replication feature too.

Previously, I discussed Veeam’s replica VMs. A customer with an onsite Veeam installation can enter details of their Veeam service provider’s Veeam B&R Gateway and replicate replica VMs to their service provider. A limitation is that if you are replicating from Hyper V, your service provider must provide Hyper V.

This is not a new feature for Arcserve. Arcserve does this differently, though. The service provider creates a share plan with credentials and a secondary task to export as a virtual standby on either Hyper V or VMware. These credentials are shared with the customer. The customer will add a task to their backup plan to replicate to a remotely managed RPS server and use the credentials provided. The target hypervisor is cross compatible and the source and target hypervisor can differ in this instance. Arcserve supports this on physical servers too at the source, which allows for P2V to the service provider (“Physical to Virtual”).

Hardware Integrated Snapshots

Hardware snapshots allow the backup software to access the hardware array and initiate a snapshot of a VM of the hardware array, utilising the array compute resource to carry out the backup process. This results in a more efficient snapshot.

Veeam has done a lot of development with various storage vendors and has support on multiple storage arrays, such as NetApp and HP and the new edition in V9 of EMC. Veeam has also released Sandbox for HW snapshots in V9. This creates a clone of a snapshot into an isolated environment for testing purposes directly off the storage appliance, cutting out the unnecessary overhead.

UDP6 includes a hardware level snapshot integration in the new release for Netapp .

Tape

Veeam has released advanced support for Tape in the V9 release. This includes parallel rocessing, concurrent copy sessions and GFS rotation schemes (“Grand Father, Father, Son “). Tape is still underdeveloped for Veeam .

UDP6 has integration into its father product, Arcserve backup, which has been around for over 20 years. With over 20 years of development around tape features and support, it is far superior to Veeam’s Tape functionality. These features include: Multiplexing (2-32 jobs), Multistreaming, Device Group and Media Pool, GFS Rotation and Synthetic Backup, Append Media, Media Maximization, Media Pool Manager, Tape Library Option and Auto Library Detection and Configuration, Bar Code Support, Auto Inventory, Auto Eject Medi, Monitor Blank Media Qty., Tape Management and Tape Vaulting, Auto Tape Cleaning and Configurable Block Size for Tape.

Both products have their features that stand out. In my opinion, a lot of the new features Veeam has added to their suite were pre-existing with Arcserve since 2014 and before the release of UDP. Veeam seems to be playing catch-up. Veeam also doesn’t have a developed protection solution for your physical server workloads. Arcserve has physical and virtual protection features with integration into your environment which allows for physical to virtual, virtual to physical, virtual to virtual, “ Vmware to Hyper V “ restore/conversion functionality.

Arcserve also holds a replication and high availability suite that has been integrated into UDP, which allows for more than just disaster recovery and actually provides what Veeam claims to be: always on, automated fail over and instant replication of your business critical services.

Where are you now? Where are you going? Where do you want to be? Same product, same license.

This is how Arcserve fits into your IT strategy as an SMB.

When building your company’s IT infrastructure for the first time you would take the most minimalistic approach. For example, virtualization would most likely be out of reach initially depending on your IT budget. You would also probably have a Physical Active Directory Server (AD), an Application Server (APP) or File Server (FS), all with internal Disk. Mail would be outsourced to a service provider (SP) or you would use Online Office 365.

You Data Loss risk at this point is high, if your FS/APP server were to fail a disk; you would have an un-recoverable data loss – assuming that the server volumes have no raid set and are isolated.

The initial approach, considering IT Budget for a small to medium company would be to have a Backup Server or Backup Role on an existing server. In this case a server with Windows Server 08/12 running Arcserve UDP Standard Edition backing up to a cheap storage device such as NAS or External Disk 1TB – 2TB of backup storage will allow you to protect an estimate of 4.5TB of Source Data with a rolling backup of 30 days, allowing you to restore back to any point for an entire month.

Your restore process would either be file level or a bare metal recovery with USB or ISO for a full system state recovery on one of the servers.

Your next step would be to consider what would happen if you lost your entire IT infrastructure, due to theft, flood, fire etc. Only your Mail at this point would be intact & available. This is where Offsite Backup is now considered, having copies of your backups offsite to ensure backup redundancy, this approach would be to either migrate Disk Backup Points to tape on a weekly bases and then store offsite or replicate to Cloud SP Storage.

Your restore process would entail repurchasing lost hardware and to rebuild your Backup Server if necessary, deliver tape to site for the Restore Process / Replicate Backup points Back to Site or Restore through WAN from Cloud SP storage (whichever would be more cost effective and the least time consuming). This would be considered poor RTO (Restore Time Objective).

A few months or years down the line the business has grown considerably and there are now double or triple the amount of employees; and new hardware & applications have been purchased to accommodate for the growth. A virtualization approach has now been taken and a few physical servers or a SAN storage device are in place. AD, FS, APP, SQL Servers have been virtualized and in addition, the Mail environment has been localised and a Virtual Exchange Environment has been built for more efficiency and to reduce data costs.

The Backup Server has now been upgraded to an internal Raid 6 Volume and has 5TB-10TB backup capacity, licensing has been upgraded to Arcserve UDP advanced to cater for Exchange & SQL; this will enable you to protect an estimate of 20TB of source data with a rolling backup of 30 days, allowing you to restore back to any point for an entire month.

Calculations would show that if your IT infrastructure were to fail or go down you would lose thousands of Rands every hour. You could restore a VM instantly with Arcserve UDP Instant Restore but in the event of power failure or theft, flood etc, you would have a 24 – 72 hour estimate restore time to restore services from offsite copies; this however depends on many factors.

Your approach now is to have a Disaster Recovery Strategy (DR) and to repurpose the replaced hardware or purchase new less expensive hardware; and build a DR Cold Site at a branch office or Co-locate in a SP Data Centre Rack. You would then virtualise the hardware and build a second Backup Server as a Virtual Machine (VM). Now you have an offsite target to replicate to. Once replicated, you would export backup points as virtual machines onto the cold site. This is known as ‘Virtual Standby’. Each replication will update the Cold Site Virtual standby machines.

In the event of a disaster at your HQ; you would manually power up Virtual Standby VMs & redirect users to a temporary office or grant them remote access to services from the DR site.

Your RTO (Recovery Time Objective) here could be anything from minutes to hours, depending on system boot time and requirements to connect users to services, EG –VPN, Remote RDP etc.

Your DR Cold Site could also be Cloud Compute & storage Resource with a Cloud SP, where you have a Hosted Arcserve UDP server. This is a simple and entry level approach to DR and mostly likely small to medium business.

A few more years go by and your business has grown into a large organisation and you’re heading for the enterprise space. Your IT infrastructure would have grown significantly with multiple branch offices all connecting to your companies services in your server room or even data centre.

At this point moving to a data centre or to a local SP cloud platform is the best route to ensure redundancy and system resilience across your physical IT infrastructure, e.g. redundant power, redundant cooling, redundant WAN links etc. This is all to reduce downtime as the impact now in loosing critical services would cost hundreds of thousands of Rands, every minute or hour.

However there are still factors to consider even though the physical infrastructure is redundant; you could still have system outages, such as bad OS Patching, data corruption, human error, virus infections etc.

As a DR strategy is still required, you would start looking at UDP premium / Premium Plus for the simple reason that you want Backup and you want DR and high availability for critical applications.

One can then create high availability scenarios with Arcserve that will allow for instantaneous failover to a second server so that no service downtime is experienced as well as maintaining the DR strategy with a cold site virtual standby or warm site live replication with seconds RPO (Restore Point Objective) between Business Critical Servers and DR Servers.

Based on Implementing the above Premium / Premium Plus data continuity solution your restore options will include File Level Restore when needed and Full System State Instant VM restore to your production site. During a disaster scenario users can be seamlessly redirected to slave servers in the HA scenario relationships within the DR warm Site, virtual standbys can be powered up as needed for less critical services/servers in the warm site.

Certain servers will have a higher priority than others, this is why one would approach multiple strategies and features to provide the full solution while staying within budget.

This all can be done with one License, one Software Vendor. So less complexity, simple and easy to use.

Regardless of the size SMB to Enterprise, we at Arcserve have a solution for you that is more than just a backup.

After a busy day of writing emails, copying and pasting into spreadsheets and tweaking objects in this and that presentation; I was finishing up the last of it… tapping away on my laptop at the kitchen table when my right hand suddenly slipped and the mouse went “Saturday Night Fever” on me across the tabletop only to knock a glass of water off the side.

As the glass fell in slow motion, my left hand – still resting on the keyboard, jumped into action and out of pure reflex hit CTRL Z. To paint the picture for those of you who do not use keyboard shortcuts, I tried to stop a real life glass of water from breaking on my kitchen floor by using a computer’s “Undo” command. And… smash.

This immediately provided my Mrs. with a new entry for her long catalogue of ‘silly things Louis has done’, the source material for her best jokes at my expense. It was one morning as I melodramatically writhed in pain following a stubbed little toe that she suggested satirically “Why don’t you just hit CTRL Z?” Funny…I’m told. But it got me thinking about it again and you know what? I need CTRL Z in my life.

This is the stuff science fiction is made of! Oh to imagine what it would be like to live in a virtual world where you can pick the rules, read the dark warnings of William Gibson’s Burning Chrome or enjoy the pop asceticism of The Matrix. However, as we spend even more time online, our lives routinely uploaded there, perhaps the future is closer than we think.

What commands would you want in your virtual world? I am just a Backup and Disaster Recovery guy so please forgive my lack of imagination for this bucket list of Louis’ Must Have Commands For His Virtual World:

1. Save a Recovery Point from when I was 21 so I can go back and have hair again any time I want.

2. Replicate myself on holiday. After deduplicating and compressing myself so that I could travel on even a modest connection, I would encrypt myself and then, either real time or scheduled, replicate myself to a datacenter in Barbados. NICE!

3. Use Virtual Standby to create a lookalike of me. Not feeling like work today? I would spin up a Virtual Machine copy of myself fully equipped with all the relevant data; applications and send the poor chap into work instead.

4. Archive my fashion mistakes to the cloud. This is pretty much all the way from 1995 till present day with only a few exceptions like weddings and one or two fancy dress parties. I would take Granular Restore with that just in-case I am ever feeling nostalgic and want to have a laugh at one or two badly dressed memories without having to remember the whole lot.

5. Make everything much easier to do than it currently is. I’m thinking of absolutely everything here; but specific examples include: baking a decent macaron, DARPA’s math challenge and Morris dancing.

6. Deduplicate plastic bags. If only we could delete all the unnecessary plastic bags in the World! Well this is my virtual world and we just did it! Of course we’ll keep one plastic bag to put in a museum somewhere…

There is probably a far more controversial version of this list available to anyone who uses Adobe Photoshop extensively; but all of the above mentioned Backup and Disaster Recovery capabilities are available at this very moment with ArcserveUDP in both software and appliance options. And for those of us left wanting CTRL Z right now and in the real world, Virtual Reality exists via our smartphones and we still have the power to untag bad photos of ourselves on the likes of Twitter and other social media platforms. Things are looking up – we’re getting there!

Choosing the right replication solution for your organisation can be tricky if not daunting. Arcserve RHA or Zerto? That is the question! In this post we highlight the key features and benefits of both of these products in an attempt to make the decision making process easier for you.

Arcserve RHA vs Zerto

In short, Zerto is a hypervisor agentless VM replication solution whereas Arcserve RHA is an agent based real time replication & high availability solution.

Architecture

Zerto requires a ZVM (Zerto Virtual Manager) on each site, a ZVA (Zerto Virtual Appliance) on each virtual host and a ZCM (Zerto Cloud Manager) in order to manage multi-tenancy. This can range from a minimum of 4-5 servers upwards, depending on the amount of hosts.

Arcserve RHA requires a minimum of 1 control service engine with RHA manager, to 2 servers if redundancy is required for scenario management.

Overview

Zerto:

After the large installation, Zerto allows for simplistic DR VPGs (Virtual Protection Groups) to be created. This doesn’t involve much configuration except to point to a secondary site ZVM & some Re-IP configuration for the DR site.

SLAs can be created to ensure VPGs meet their RPO’s.

Zerto replicates VM files at a block level to the DR site spool and only creates and powers a VM onto the DR Hypervisor once failover is initiated, regardless of whether it’s a test or real scenario. Therefore Zerto cannot guarantee a RTO.

Zerto does not test application or data consistency within the guest OS of the protected VM.

When a scenario involves a transactional intensive DB environment; an agent is required to be loaded onto the specific VM’s. Guest Quiescing is then initiated from Zerto to commit transactional logs (log truncation) so that the DB’s stay consistent on the DR side as it’s an active passive solution. SQL is only built at the point of failure with the latest blocks replicated; and you would need to consider factors like transaction size and long-running transactions that cannot be cleared from the log until they have completed. If a fail over where to occur during the transaction, the DR VM built on the other side will have inconsistent DB’s in a recoverable state.

Zerto has a journal history function where blocks can be rolled back to a certain time, but you would need to find a specific point in time where all transactions were completed. Alternatively you can load a Zerto agent which will Quies the guest OS, thus utilising VM resources and IO. Zerto recommends that it be run every 4 Hours +, inflating your RPO to 4 Hours.

Zerto’s failover process requires the user to log into the site ZVM and press a fail over button. There is no HA or automatic failover solution.

Arcserve RHA:

Arcserve RHA requires a control service engine to be loaded onto the server managing the HA or DR replication scenarios. A control engine agent is loaded onto each server protected.

Unfortunately the scenario setup requires that the user be more involved. Arcserve allows for DR file & application replication where failovers are manual & HA full system or application HA; where failover can be manual or automated with integrated DNS changes to the local DNS server.

In a replication scenario; a live DR VM or server is required to receive replicated files and the server will be required to be setup by the user. With application HA; the server will require the application to be setup and configured as well. This does require more setup and running computer resources on the DR site but it has its added benefits.

Arcserve RHA allows for replication or HA from physical environments, virtual or a mixture of both (P2V, V2P, V2V & V2P) this can then be configured to automatically failover or failover through user Intervention. This then provides seconds RPO & seconds RTO.

Arcserve has another feature called ‘Assured Recovery’ that allows for automated HA & DR testing and unlike Zerto, tests the application in the guest OS as well as the data constancy with the master server.

Other features include data rewind (similar to Journal History) where you are able to rewind changes made to an application or the OS files; unlike Zerto which is at a hypervisor block level only.

Synchronization between servers can be done at a block or file level.

This entire solution is then able to integrate into Arcserve UDP (Backup Suite) and is managed through a console with 1 license.

To avoid the large setup of building the DR VM’s for your scenarios, you can use the backup feature of UDP to replicate source servers and export as VSB ( Virtual standby ) the VSB can then be used in an HA or replication scenario.

Let’s start by explaining the image above. The blue illustration shows the most efficient way of backing up one full backup, followed by daily infinite incremental backups. The red illustration shows an older strategy (still used by many vendor backup solutions) – a weekly full backup with incremental chains. As you can see, the required storage footprint is more than doubled in the red illustration. An infinite backup strategy is becoming increasingly more popular as organisation strategies and policies are forever changing with future technologies.

To define “Incremental-Forever” aka infinite incremental backups:

The most basic form of incremental backup consists of identifying, recording and preserving only those files that have changed since the last backup. Since changes are typically low, incremental backups are much smaller and quicker than full backups. For instance, following a full backup on Friday a Monday backup will contain only those files that changed since Friday. A Tuesday backup contains only those files that changed since Monday and so on. In addition, the restore process is optimized, as only the latest versions of blocks that belong to a restored backup are restored. Since the same area on the production disk is recovered only one time, the same block is not written to multiple times. Therefore, one full backup followed by many backup increments act as your retention but with lower I/O impact on your storage overall.

In addition to this, Arcserve allows for multilevel incremental schedules on one plan. This means that you are able to add separate weekly, monthly, and yearly schedules to the same job that could consist of incremental or full backups. Unlike the common backup software as shown in the red illustration above, Arcserve’s infinite incremental backup allows the synthetic operation to create a new full backup which is limited to the size of the incremental file instead of the complete size of a full backup file.

So you would see a something similar to below with Arcserve’s infinite backup strategy:

Infinite incremental forever backups may sound crazy. However organizations with very long retention requirements should consider this philosophy.

Complications

After a bit of searching on the web for general concerns with infinite or incremental forever backups & from my experience with multiple organizations and setups, the main concern with infinite incremental is that should any one of the copies created fail, including the first (full) backup, the possibility of restoration will be incomplete or impossible from the chain and the longer you go without a new full backup the more risk you take. What if corruption happens along the way and you lose an increment? You would lose the integrity of the chain, up to last working backup.

Looking at the image below, Backup #1 is dependent on the Full backup, Backup #2 is dependent on Backup #1 and so on. If corruption occurred on Backup #2, the last restorable would be backup #1.

With Arcserve this is notthe case. Arcserve has a completely different method of holding the restore points. Basically, each increment and backup is a pointing file rather than a reference to a set of block data set in a destination. Arcserve also allows for Verify backup to be run to check reference points and rebuild the chain if needed. This protects your infinite retention chain and preserves data. Verify backup can be run manually or scheduled as a multilevel incremental backup. The image below shows how Arcserve holds this data compared to other backup vendors as seen above.

I ran a lab test on this and deleted an incremental pointer from Arcserve backup destination on a protected server from the middle of its chain. I then immediately tried to restore from the next point forward and received errors. I was able to return to a point before the deleted point but nothing following. I then ran a manual verify backup, and I was able to restore from all points in the chain except the deleted point. Arcserve can thus repair corruption or loss in the chain and statements such as “should any one of the copies created fail, including the first (full) backup, the possibility of restoration will be incomplete” are no longer valid when using Arcserve Unified Data Protection.

Why infinite incremental with Arcserve UDP?

It reduces backup windows from hours to minutes for many applications, while providing faster recovery of your data.

In a virtual environment, further data reduction can be observed with incremental changes being feed by CBT change block tracking on a lower block level.

It reduces media costs incurred from offloading to tape cartridges needed on previous backup strategies to fulfill retention requirements that included bloated backups (D2D2T). When infinite incremental is your strategy going forward then retention can be kept on disk and rather replicated offsite to disk once again for peace of mind. This reduces your RTO.

This will enable full on and off site data retention, compliant with industry standards & corporate data policies.

Reduce the amount of data that goes across the local area network (LAN) and what’s replicated on across your wide area network (WAN)

Source side global deduplication on incremental backups, making backups even more efficient and shortening windows: no comparison with the backup target is done since only changed blocks are identified at the source.

Why should Arcserve to be your infinite incremental backup vendor?

Because of the impressive data reduction ratios and costs savings that are achievable. Below is a breakdown of what you can achieve with Arcserve infinite incremental bundled with deduplication and further compression (even more impressive on a virtual environment using change block tracking: more data reduction can be observed).

A traditional infinite incremental backup before compression and deduplication, and no CBT: